问题
I hope you all are having a great day. I apologize in advance if this is a terrible attempt at a question, I'm not very good at this.
Introduction
So First of all, I'd like to introduce what I am actually creating.
I work for a MSP, and I've been tasked with creating a User Management Powershell Script to be used for one of our Customers so that we can easily manage users and automate a lot of our user creation processes.
I have run into an issue, which is why I am asking for help
The Issue
Our customer is insisting on using Login Scripts over GPO for mapping drives for users. I have added a login script builder to the script, however I cannot for the life of me figure out how to specify which drives actually need adding to the login script.
How Drive Mappings Are Managed
The way drive mappings are managed at our customer's network, is based on Job Role + Active Directory Groups. They request on an E-Form which drives need to be mapped, and we then look through the Active Directory to see which group has permissions to access the requested drives. We then add these groups.
What I Need Help With
I need to find a way for the groups to be specified by the technician creating the user, this then needs to translate into one of the selected drive mappings, which then writes to the login script. I have attempted it myself, however I Just cannot figure out a way to do this for different drives.
Current Code
Note, This may not all be in Order, There May Be Code In-Between on The Actual Script. This Is Just Relevant Code
[String]$path= ".\LoginScript.txt"
$NewName = $SAMAccountName
$extension = ".bat"
$FileName = "$SAMAccountName$extension"
$ScriptDrive = "\\IPREMOVED\scripts"
$group = "zz Everyone"
$members = Get-ADGroupMember -Identity $group -Recursive | Select -ExpandProperty Name
$Drive1 = If ($Members -contains $SAMAccountName) {
Write-Output "Net Use N: "\\FILE0\Senior Duty Nurses""
}
Else {
Write-Output "Net Use N: "\\FILE0\Senior Duty Nurses""
}
Write-Output "NET TIME \\FILE0 /SET /Y
$Drive1
@echo off
REM -------------------------------
REM -- LANDesk v8.6.1 Installation --
REM -------------------------------
%LogonServer%\Netlogon\LANDesk\iDeploy.exe /F=%LogonServer%\Netlogon\LANDesk" `n`n|FT -AutoSize >>LoginScript.txt
Get-ChildItem LoginScript.txt | Rename-Item -NewName $FileName
Move-Item -Path ".\$FileName" -Destination $ScriptDrive
If you need any more code, just ask and I will post it in an edit below this line. Thank you in advance :)
EDIT
I've managed to get this working with the following layout
# Params
$NewName = $SAMAccountName
$extension = ".bat"
$FileName = "$SAMAccountName$extension"
$ScriptDrive = "\\IPREMOVED\scripts"
$Groups = Get-ADPrincipalGroupMembership $SAMAccountName | select -expandproperty name
# Define All Groups and Drives
$infosec = IF ($Groups -contains 'domain info sec'){
Write-Output "Net Use I: "\\FILE0\Info-Security " "
}
Else {
Write-Output " "
}
$mgmtboard = IF ($Groups -contains 'domain mgt board'){
Write-Output "Net Use : "\\FILE0\Board Committee Papers" "
}
Else {
Write-Output " "
}
$anaesthetics = IF ($Groups -contains 'domain anaesthetics'){
Write-Output "Net Use : "\\FILE0\anaesthetics" "
}
Else {
Write-Output " "
}
$adverseir = IF ($Groups -contains 'domain adverse ir'){
Write-Output "Net Use : "\\FILE0\adverse incident reports" "
}
Else {
Write-Output " "
}
$breastcancersecs = IF ($Groups -contains 'domain breast secs'){
Write-Output "Net Use : "\\FILE0\breast cancer secs" "
}
Else {
Write-Output " "
}
$bookwise = IF ($Groups -contains 'domain bookwise'){
Write-Output "Net Use : "\\FILE0\bookwise" "
}
Else {
Write-Output " "
}
$patientassessment = IF ($Groups -contains 'domain assessment'){
Write-Output "Net Use : "\\FILE0\patient assessment" "
}
Else {
Write-Output " "
}
$clinicaleducation = IF ($Groups -contains 'domain clinical educ'){
Write-Output "Net Use : "\\FILE0\clinical education" " -NoTypeInformation
}
Else {
Write-Output " "
}
# Creates The GroupMap
$GroupMap = $infeosec,$mgmtboard,$anaesthetics,$adverseir,$breastcancersecs,$bookwise,$patientassessment,$clinicaleducation
# Create The Drive Param
$Drives = $GroupMap
Write-Output "NET TIME \\FILE0 /SET /Y
$Drives
@echo off
REM -------------------------------
REM -- LANDesk v8.6.1 Installation --
REM -------------------------------
%LogonServer%\Netlogon\LANDesk\iDeploy.exe /F=%LogonServer%\Netlogon\LANDesk" `n`n|FT -AutoSize >>LoginScript.txt
Get-ChildItem LoginScript.txt | Rename-Item -NewName $FileName
Move-Item -Path ".\$FileName" -Destination $ScriptDrive
However, within the login script. It shows the following.
NET TIME \\FILE0 /SET /Y
System.Object[]
@echo off
REM -------------------------------
REM -- LANDesk v8.6.1 Installation --
REM -------------------------------
%LogonServer%\Netlogon\LANDesk\iDeploy.exe /F=%LogonServer%\Netlogon\LANDesk
Why is it showing System.Object[]? Can this be removed?
来源:https://stackoverflow.com/questions/51520948/additional-outputs-based-on-group-memberships